December 2007 - Posts
Joel does it again. He recently gave a talk at Yale University where he himself studied computer science and graduated in 1991. On his blog "Joel on Software" he describes some of his history and what was going through his mind when he formed Fog Creek Software in New York.
I despaired of finding a company to work for where programmers were treated like talent and not like typists, and decided I would have to start my own. In those days, I was seeing lots of really dumb people with really dumb business plans making internet companies, and I thought, hey, if I can be, say, 10% less dumb than them, that should be easy, maybe I can make a company too, and in my company, we’d do things right for a change. We’d treat programmers with respect, we’d make high quality products, we wouldn’t take any *** from VCs or 24-year-olds playing President, we’d care about our customers and solve their problems when they called, instead of blaming everything on Microsoft, and we’d let our customers decide whether or not to pay us. At Fog Creek we’ll give anyone their money back with no questions asked under any circumstances whatsoever. Keeps us honest.
That penultimate sentence is incredible. Any fog creek customer can ask for their money back at any time if they are unhappy. Yet, Fog Creek is a successful, profitable company. I myself am a Fog Creek customer and I've never asked for my money back, even though I could just because I felt like it.
Wow. That is the kind of customer service I aspire to and the kind of company I want TiGra Networks to be. Joel is my hero. He is the living proof that I can run a company based on ethics and integrity and not have to be like every other company.
How many companies do you know who can afford to make that kind of promise? What if Microsoft adopted that policy?
I was just visiting the Microsoft Download Centre today to grab an download when suddenly up comes a little pop-up telling me I've been selected to try out the new Silverlight-powered download centre beta. I'm sure this beta is much more exclusive than DFS sales, so I decided to give it a whirl.
I recently had a problem with a customer running all Windows Vista clients on an SBS 2003 R2 domain. The problem was how to deploy printers to users who have restricted access (i.e. standard users). The users cannot install the printer drivers themselves because they do not have permission - nor should they need to as the customer is a training establishment with high student turnover, so it's important that the environment is right for each new student the first time they log in.
Windows Vista seems to solve this problem with a great new feature called Printer Deployment which works using Group Policy. Great! Except it doesn't work when your group policy is provided by SBS 2003. If you try to deploy a printer you'll receive a message that your active directory schema is not supported.
The problem is that Printer Deployment requires the R2 Active Directory Schema (version 31). Small Business Server 2003 R2 does not use the R2 schema, because it is based on Windows Server 2003 Service Pack 1, not R2. So you have a "Catch 22". You can't deploy printers normally because the users don't have permission; you can't deploy with Group Policy because SBS doesn't use the R2 schema.
Today I found a solution - update the Active Directory Schema to R2 using a Windows 2003 Server R2 installation media. I need to issue a disclaimer here that I'm not sure about the licensing legalities of this solution, I have yet to get an official opinion on that. If the network already has an R2 member server, then we're covered, but SBS networks don't always have an R2 member server. Nevertheless I think we should be OK as we're not actually installing the software, just using it to make updates to an existing Active Directory domain. Perhaps if any Microsofties are reading this post, they could leave feedback/trackback commenting on whether my solution is allowed. If you use my solution yourself, it's up to you to check the licensing issues for yourself. "Chewie, it's not my fault!"
OK, so here's what I did (see also KB 917385).
- First, take a system state backup of your SBS installation in case you need to roll back.
- Find a copy of Windows 2003 Server R2 (NOT Small Business Server) and pop it in the CDROM drive of your SBS box. You need CD 2, the one with the R2 components on it.
- Open a command prompt and change directory to \CMPNENTS\R2\ADPREP
- execute adprep /forestprep to install the R2 schema update.
- Go back to your Windows Vista Print Management console and re-try your printer deployment, it should now succeed.
Having created/updated your group policy object, you can test it by going to a client workstation and typing GPUPDATE at a command prompt. You should see your deployed printers appear.
NOTE: this is exactly the same issue that prevents a Windows 2003 R2 Server from being DCPROMOd in an SBS R2 domain. Updating to the R2 schema should allow you to add R2 member servers and DCPROMO them to domain controllers.
CAVEAT EMPTOR: Don't mess with your Active Directory unless you're comfortable with that. You did take that system state backup in step 1, right? If you are an end user, get your technology consultant to do this for you.
Introducing the
TiGra Networks Micro-Business Server™
The name “Micro Business Server” is ours, not Microsoft’s. These amusing video clips actually highlight some serious advantages of Microsoft’s new server product.
Based on Windows Home Server operating system, our Micro-Business Servers are designed as “no-brainer” backup and disaster recovery for up to 10 PCs. They also give you remote access to your files when out of the office. I’m offering this solution for businesses with up to 3 computers, possibly up to 5 but certainly beyond that we would normally recommend the more capable Small Business Server product.
You can only buy this server product pre-installed on a new computer. Our offering is a compact “book size” headless (no screen or keyboard) PC with a 500Gb hard drive. It runs almost silently and you just “set it and forget it”, so it will just sit in the corner doing its job, backing up all your computers and giving you secure remote access.
If you’re currently risking your business by carrying it around on a laptop hard drive, you need this product.
Has anyone got a copy of PhotoDraw 2000 Version 2 sitting in their CD drawer? I still rely on PhotoDraw to do a lot of my graphics editing - but I need to reinstall it after an OS upgrade and discovered that my media has become damaged. The product is no longer available so I'm asking the community to please check your software collection and see if you can help me out. If I could get ISO images of all 3 CDs by Live Messenger folder sharing that would be super-dooper, I have my own legitimate license key so I will not need a copy of that. One public spirited community member offered me some ISO images but they turned out to be Version 1 and my license key is for Version 2, so I wasn't able to use it.
Back in 2000 I was in Fry's Electronics in San Jose, California and I stumbled accross a little device called "U.are.U 2000". It was a fingerprint reader and some software that replaced the normal Windows login screen with one that allowed you to use your fingerprint to log in. It was looking lonely on the shelf, reduced to clear and I was intrigued so I snapped it up and tried it out. Ever since then, I have been totally convinced that biometrics is the way forward for authentication. The great thing about biometrics is that it doesn't rely on you knowing a piece of information that can be lost, stolen, hacked or whatever. Biometrics directly tests your identity, and you can't easily lose that and it's very hard for an imposter to impersonate you. Digital Persona even produced software that integrates with Active Directory, though that feature didn't come as standard, which was a shame.
It looks like Microsoft either licensed the technology or bought into Digital Persona, because their range of fingerprint readers still use the Digital Persona software. It's come along since 2000 and is now much more user friendly and easier to use. There are still a number of improvements that need to be made to 
the software (more later) but finger print login is now so cheap (~£25) and easy that I wonder why everyone isn't using it? There are a number of computers and devices that are starting to come with fingerprint readers built in now, so I think it is going to be much more common as people start to see the benefits, but good software support is key to mass adoption.
Which brings me back to the changes that are needed to improve the software. Active Directory integration is needed as standard so your fingerprint lets you log in to any computer on the network. Stand alone solutions don't go far enough and expecting businesses to pay premiums for AD integration will simply prevent large scale adoption. Second, there needs to be a way to associate a single set of credentials with multiple logon scenarios. For example, say I use my Live ID to log into several different web sites. Right now, each web site stores the same set of credentials separately and if I change my Live ID password, then I need to update that password everywhere I use it in the fingerprint login software. Most people use many, many different web sites and the only sensible way to manage all those passwords is to re-use a small set of credentials. Changing each stored password individually is tedious and negates a lot of the convenience of fingerprint login. The same applies to domain credentials. Even though I use Windows Integrated Authentication and therefore exactly the same set of credentials to log into my computer and into my SharePoint server, the fingerprint software stupidly treats those as separate logins. So now, when I change my password, the fingerprint login requires me to make that same change over and over again everywhere I used it. It simply negates the advantages of Windows Integrated Authentication. With those two improvements, I think fingerprint authentication will be unbeatable in terms of security and convenience. With the availability of fingerprint reader modules to be integrated into OEM devices, this could definitely become the normally accepted login method very soon.
That little dot glinting in a sunbeam, less than a pixel, is Earth. Not a representation; not something someone made up – an actual photograph, taken by the Voyager 1 spacecraft as it left the solar system forever, turning to take one last picture of the planets (click image for full size photo). Astronomer Carl Sagan wrote of The Pale Blue Dot:
Look again at that dot. That's here. That's home. That's us. On it everyone you love, everyone you know, everyone you ever heard of, every human being who ever was, lived out their lives. The aggregate of our joy and suffering, thousands of confident religions, ideologies, and economic doctrines, every hunter and forager, every hero and coward, every creator and destroyer of civilization, every king and peasant, every young couple in love, every mother and father, hopeful child, inventor and explorer, every teacher of morals, every corrupt politician, every "superstar," every "supreme leader," every saint and sinner in the history of our species lived there-on a mote of dust suspended in a sunbeam.
The Earth is a very small stage in a vast cosmic arena. Think of the rivers of blood spilled by all those generals and emperors so that, in glory and triumph, they could become the momentary masters of a fraction of a dot. Think of the endless cruelties visited by the inhabitants of one corner of this pixel on the scarcely distinguishable inhabitants of some other corner, how frequent their misunderstandings, how eager they are to kill one another, how fervent their hatreds.
Our posturings, our imagined self-importance, the delusion that we have some privileged position in the Universe, are challenged by this point of pale light. Our planet is a lonely speck in the great enveloping cosmic dark. In our obscurity, in all this vastness, there is no hint that help will come from elsewhere to save us from ourselves.
The Earth is the only world known so far to harbor life. There is nowhere else, at least in the near future, to which our species could migrate. Visit, yes. Settle, not yet. Like it or not, for the moment the Earth is where we make our stand.
It has been said that astronomy is a humbling and character-building experience. There is perhaps no better demonstration of the folly of human conceits than this distant image of our tiny world. To me, it underscores our responsibility to deal more kindly with one another, and to preserve and cherish the pale blue dot, the only home we've ever known.
You can hear Carl say this himself on YouTube, or in another interpretation here.
This holiday season, spend some time thinking about your place in the cosmos. Try to put your stresses and strains into perspective. Try to be a little more tolerant of fools and a little greener as a gift to our home, The Pale Blue Dot.
If you are stuck for christmas present ideas for your kids, how about a telescope or a pair of binoculars and an introductory book on Astronomy?